Dr. Aleksandar Valjarevic, Head of Solutions Architecture, Help AG, speaks to Anita Joseph about the regional cybersecurity market, the need for regular vulnerability assessments, greater awareness about cybersecurity and Help AG’s leading role in providing industry-defining, cutting-edge cybersecurity solutions
Q) How would you describe the global cybersecurity market today, with particular focus on the MENA region? How have things changed and evolved?
Cybersecurity trends provide an accurate reflection of how we use technology in general and we can definitely see that the pace of change and progress is evolving. Consider for example, the devices we connect from such as smartphones. While they’ve been around ever since the launch of the first iPhone, they’ve now come into their own as business enablement and productivity tools instead of just means to check emails on the go. On the Apple Watch, there are now apps for Salesforce and even the identity solutions that Help AG offers that are custom built for this device. This changes the way we utilize technology.
Simultaneously, behind the scenes, there have been dramatic changes to how we deliver technology. We have the cloud, which represents a paradigm shift, and IoT which, for both consumers and businesses, is entirely changing processes. As a result, cybersecurity is evolving, and we see attackers focusing more and more on three threat vectors- those that exploit user behaviour, those that attack the endpoint and those that target the end user’s identity. This results from the fact that as we move to the cloud, attackers need to find new ways to get to the data. Understanding that end users present the weakest link in the security chain, attackers leverage phishing and social engineering attacks exploit their behaviour. Because all major cloud vendors understand the need for robust security on their platforms, attacks have also shifted their attacks to the endpoint.
End users are still accustomed to having full privileges on their devices and expect to be able to operate these without any restrictions- for example being able to download files and install software. From IT’s perspective, this presents a significant risk which is why endpoints- laptops, tablets, smartphones- are becoming the new battleground. Finally, we also see attackers going after user credentials as this is where they can really achieve a justifiable ‘return on investment’ so to speak. With stolen credentials, they can gain legitimate access into systems and networks with all the user’s privileges, thereby opening a treasure trove of data and the possibility to wide scale attacks into the network. With regards to the regional specificity of trends, we now live in a globalized world, so we see the same issues and threats being utilized across the world.
The motivation and persistence of attackers may vary of course but in general, the kind of threats that organizations could potentially be exposed to don’t differ from region to region. I will however say that with their large expat populations, and the cultural and social diversity that this introduces, there is a certain complexity that’s introduced that makes cybersecurity more complicated for organizations in the Middle East. We can also see that proportionally Middle East region is targeted more and more with orchestrated cyber-attacks, such as recent APT34 attack. This means that organizations must be prudent and take cybersecurity very seriously in order not to fall prey to cyber criminals and state actors. We can see that organizations are taking this seriously and therefore continuing to invest in their security controls and specifically in those controls that enable monitoring and incident response. More specifically, this has translated to increased need for managed security services and Help AG continues to invest in that segment for us to cover the whole area of needs, from SIEM and threat intelligence to managed web application firewalls and managed end-point solutions and everything in between. Security-as-a-Service is what the market needs today.
Q) How prepared are organizations, to deal with cyber threats and sophisticated attacks of all kinds?
The maturity of organisations is increasing, and they understand that cybersecurity is essential. What they now need to understand is that it’s not just technology that will mitigate threats but also how they configure and operate their security environments. Sometimes, there’s too much focus on simply purchasing best-of-breed products without the necessary step of enabling their optimum utilization. At Help AG, we invest heavily in developing the technical skill sets within our workforce. A lot of organisations understand that when we sell them a solution, it isn’t just fulfilment but rather the expertise in implementation, configuration, training and support that they’re paying for. Unfortunately, there are still many organisations that fail to see this. Remedying this calls for education and a better understanding of how to evaluate cybersecurity providers.
Q) How effectively are risk/vulnerability assessments carried out by organizations?
The general approach to vulnerability assessment – whether it is being carried out by in-house IT teams or third-party providers – is to use automated tools. Although vulnerability assessment tools are a must in a mature cybersecurity programme and they provide important visibility, these are not a silver bullet. Unfortunately, this mechanical approach fairs poorly in replicating the ways in which cyber criminals actually uncover and exploit vulnerabilities. This is why it is essential for penetration testing and vulnerability assessment teams to have skilled ethical hackers who can ‘think like attackers’ and mimic the way in which attackers actually operate. This is how Help AG differentiates its VAPT services from the market and it is also the reason why our Security Analysis team has successfully discovered and reported over 80 zero-day vulnerabilities – which is unmatched in the region.
Q) Do you think there needs to be more awareness about the need for greater cybersecurity measures, among the general public?
Absolutely. One of the most important aspects of a successful cybersecurity programme is awareness. Without awareness, people will not understand why security is necessary, they will see the controls in place as a disturbance and will try to circumvent even the best security measures without understanding the potential damage this might cause. This is true of the general public because at the end of the day, these are the end-users and employees who are connecting to enterprise networks and utilizing various online services. Several large-scale attacks in recent years can be traced back to social engineering and other attacks that exploit poor cybersecurity awareness rather than technical issues.
Awareness is therefore essential for any individual who uses IT based services – which today encompasses the large majority of the population. Furthermore, it is important to keep the efforts for awareness ongoing; any pause will result in an immediate decrease of awareness and the way back is difficult and even more resource intensive. As the region’s trusted security advisor, Help AG plays a lead role in furthering awareness in the region. We publish fortnightly threat reports, and host quarterly events that shine a spotlight on the main threats in the region, while simultaneously presenting the ways in which businesses can best mitigate these threats.
Q) How do you think attacks can be anticipated and prevented? What would you say is the best method for this?
Cybersecurity is an arms race, and unfortunately defensive investments are greatly overshadowed by offensive investments – a recent report has shown that if cybercrime were a country, it would have the 13th highest GDP in the world! With the volume and sophistication of cyber-attacks constantly on the rise, it’s imperative for organizations to adopt a SMART approach to cybersecurity – and this is where AI fits in. Using AI, cyber-attack detection technology can automatically detect, analyse, and defend against advanced attacks by proactively detecting or even laying traps for attackers. When combined with skilled security personnel, such AI-enabled adaptive technologies continue to become smarter over time, providing a competitive edge that has been largely inaccessible to all but those organizations that engage the services of highly technically proficient cybersecurity experts. Applying AI to cyber defences can help organizations maximize the abilities of their security teams by automating large portions of detection and analysis and enabling them to focus instead on high-level decision making. Organizations should seek expert advise on cyber security solutions that successfully leverage AI/ML capabilities, as it is difficult to separate real from the buzz. Later this month Help AG will be hosting our quarterly Security Spotlight Forum event focusing on “AI AND MACHINE LEARNING: THE NEXT CYBER SECURITY OPERATION FRONTIER?” as a topic.
Q) How is Help AG helping companies deal with cyber threats and risks? What are some of your newest products and solutions?
Help AG is a pure play cybersecurity advisor that goes far beyond the capabilities of the traditional system integrators, with industry leading practices in Analysis, Consulting, Integration, Managed Security Services and Support. Our dedicated focus on all aspects of cybersecurity, and unmatched expertise across the most comprehensive portfolio of solutions and services has led to voluminous success. One of the key things of any product within the Help AG portfolio is that it has been carefully selected based on a long-term strategy approach, whereby we try to identify the areas where we expect to see significant business requirements.
We always try to stay a step ahead of what our customers’ current requirements are, evangelise in the market and make sure we follow an approach that’s not only best suited for the present but is also future-proof. A good example in this direction is our strategic focus on Artificial Intelligence (AI) and Machine Learning (ML) – we are utilizing AI and ML in the setting of cybersecurity and the partnerships we have specifically engaged within here coupled with our focus on Secure Cloud Enablement are further testament to our strategic focus. We have recently broadened our portfolio with several vendors and solutions in this area, from Vectra and Exabeam that concentrate on behaviour analysis to Palo Alto’s Prisma cloud security suite of solutions. A point worth noting here would be that this is not a new approach we have adopted recently.
Help AG is proud to have to its credit the success of introducing and/or strengthening the market for leading vendors like Palo Alto Networks, F5 Networks, Symantec, Splunk, Infoblox and many more. What’s important is that this kind of strategy doesn’t just apply to our products/solutions. Rather it spans across our entire organization. We make sure all our solutions and services delivery teams are well-equipped to provide the highest expertise to support our customers with their ever-evolving security needs. This can especially be seen in our continuous investment in our managed security services portfolio where we are expanding our capabilities in areas of threat intelligence, incident response, orchestration and critical services monitoring (covering DNS, SSL and front page monitoring), where we continue to be the regional leader.
While most channel organizations continue to focus on solution delivery as their core business and leverage a generic tools-based approach to services, Help AG has set itself apart from the competition by building an unmatched services portfolio. Our heavy investment into recruiting and training the most technically skilled employees gives us an edge in service delivery.